fix: fix pr_checking workflow

2026-01-07 00:03:10 +00:00 · 2024-06-26 15:21:47 -04:00 · 2024-06-26 15:21:47 -04:00 · 25d062afeb
commit 25d062afeb
parent 7ee5c5196c
1 changed files with 48 additions and 14 deletions
--- a/.github/workflows/pr_checking.yml
+++ b/.github/workflows/pr_checking.yml
@ -1,22 +1,56 @@
 name: PR check

 on:
-  pull_request_target:
-    types:
-      - opened
-      - edited
-      - synchronize
+  pull_request:
+    types: [opened, reopened, synchronize]
+
+permissions:
+  pull-requests: write

 jobs:
-  title:
+  pr_check:
    name: Validate PR
    runs-on: ubuntu-latest
-    if: ${{ 
-      github.event.pull_request.author_association != 'CONTRIBUTOR' &&
-      github.event.pull_request.author_association != 'MEMBER' &&
-      (
-        contains(fromJSON(secrets.RESTRICTED_KEYWORDS), github.event.pull_request.title) ||
-        contains(fromJSON(secrets.RESTRICTED_KEYWORDS), github.event.pull_request.description
-      ) }}
    steps:
-      - run: gh pr close
+      - name: Set up keywords
+        id: setup_keywords
+        run: echo "RESTRICTED_KEYWORDS=$(echo '${{ secrets.RESTRICTED_KEYWORDS }}' | jq -r '.[]' | tr '\n' ' ')" >> $GITHUB_ENV
+
+      - name: Check for spam PR
+        id: check
+        run: |
+          # Initialize variables to track spam presence
+          title_is_spam=false
+          description_is_spam=false
+          
+          # Check title for spam
+          for keyword in $RESTRICTED_KEYWORDS; do
+            if echo "${{ github.event.pull_request.title }}" | grep -i -q "$keyword"; then
+              title_is_spam=true
+              break
+            fi
+          done
+
+          # Check description for spam
+          for keyword in $RESTRICTED_KEYWORDS; do
+            if echo "${{ github.event.pull_request.body }}" | grep -i -q "$keyword"; then
+              description_is_spam=true
+              break
+            fi
+          done
+
+          # Set the output based on the presence of spam
+          if [ "$title_is_spam" = true ] || [ "$description_is_spam" = true ]; then
+            echo "is_spam=true" >> $GITHUB_ENV
+          else
+            echo "is_spam=false" >> $GITHUB_ENV
+          fi
+
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Close PR if spam are found and author is not a contributor or member
+        if: ${{ env.is_spam == 'true' && github.event.pull_request.author_association != 'CONTRIBUTOR' && github.event.pull_request.author_association != 'MEMBER' && github.event.pull_request.author_association != 'OWNER' }}
+        run: gh pr close ${{ github.event.pull_request.number }} --comment "Spam detected"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}